asyncrat | 7db33185f1eb10c9ad3a85f38c436d65975b2ab20887683898a27fa5fb7864fa[.]exe

General

Target

7db33185f1eb10c9ad3a85f38c436d65975b2ab20887683898a27fa5fb7864fa.exe
Size

226KB
MD5

6d947dc383b8ba3288bcc62596542a49
SHA1

343726364297f2ca5d4ee6ef27a81b15e21fd4b2
SHA256

7db33185f1eb10c9ad3a85f38c436d65975b2ab20887683898a27fa5fb7864fa
SHA512

45a3c9b275235c192b1526ff779e08103a1b9569fbae95c796888ca6aa466b6dd35756f071e20511f5d75f8bfe6f9d900c107f20924002c7a6e2802ea4aa1e75
SSDEEP

3072:u+STW8djpN6izj8mZwk72RH7UbBgNcaUTLLHjezfRh3/Et986+WpC:T8XN6W8mmk7SUbMUbjeRhPK

Score

10^/10

rat default asyncrat stormkitty

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

https://api.telegram.org/bot1675074810:AAHEEllh3coYCYZg222nkWnMeo1ufI7LvTI/sendMessage?chat_id=1604540576

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

resource	yara_rule
sample	asyncrat

Asyncrat family
asyncrat

StormKitty payload 1 IoCs

resource	yara_rule
sample	family_stormkitty

Stormkitty family
stormkitty

Files

7db33185f1eb10c9ad3a85f38c436d65975b2ab20887683898a27fa5fb7864fa.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 223KB - Virtual size: 223KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 223KB - Virtual size: 223KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B